Add: leechristensen/SpoolSample to Credential Access section

2025-01-10 07:09:32 -05:00 · 2022-06-27 22:09:29 +07:00 · 2022-06-27 22:09:29 +07:00 · 56382fd6f5
commit 56382fd6f5
parent 6fce32046c
1 changed files with 8 additions and 0 deletions
--- a/Offensive.md
+++ b/Offensive.md
@ -2195,6 +2195,10 @@ Some tools can be categorized in more than one category. But because the current
        <td><a href="https://github.com/KoreLogicSecurity/wmkick">KoreLogicSecurity/wmkick</a></td>
        <td>WMkick is a TCP protocol redirector/MITM tool that targets NTLM authentication message flows in WMI (135/tcp) and Powershell-Remoting/WSMan/WinRM (5985/tcp) to capture NetNTLMv2 hashes.</td>
    </tr>
+    <tr>
+        <td><a href="https://github.com/leechristensen/SpoolSample">leechristensen/SpoolSample</a></td>
+        <td>PoC tool to coerce Windows hosts authenticate to other machines via the MS-RPRN RPC interface. This is possible via other protocols as well.</td>
+    </tr>
    <tr>
        <td><a href="https://github.com/Luct0r/KerberOPSEC">Luct0r/KerberOPSEC</a></td>
        <td>OPSEC safe Kerberoasting in C#</td>
@ -2308,6 +2312,10 @@ Some tools can be categorized in more than one category. But because the current
        <td><a href="https://github.com/shantanu561993/SharpLoginPrompt">shantanu561993/SharpLoginPrompt</a></td>
        <td>This Program creates a login prompt to gather username and password of the current user. This project allows red team to phish username and password of the current user without touching lsass and having adminitrator credentials on the system.</td>
    </tr>
+    <tr>
+        <td><a href="https://github.com/ShutdownRepo/ShadowCoerce">ShutdownRepo/ShadowCoerce</a></td>
+        <td></td>
+    </tr>
    <tr>
        <td><a href="https://github.com/ShutdownRepo/smartbrute">ShutdownRepo/smartbrute</a></td>
        <td>Password spraying and bruteforcing tool for Active Directory Domain Services</td>